Invites Trusted Partners to Join Forces in Combating Attacks on Edge Systems
Washington, DC – April 29, 2026 – GreyNoise Intelligence, the cybersecurity company providing real-time intelligence about edge attacks, today announced Project Swarm, a new collective research initiative to defend the network edge. By inviting partners to contribute IP space, device profiles, and detection capabilities, Project Swarm transforms GreyNoise’s platform from a proprietary sensor network to a collective ecosystem for cyber intelligence.
"We believe deception is the most effective way of getting telemetry about attacks on edge systems,” said Ash Devata, CEO, GreyNoise. “Today, we are launching Project Swarm, a community initiative to improve the depth, diversity and speed of global threat intelligence for all GreyNoise users. If we want to effectively defend against increasingly sophisticated threat actors, we need to work together."
The modern threat landscape is facing a critical inflection point. Advanced state-sponsored groups are hijacking edge devices – built-in tools on perimeter devices such as firewalls, VPN gateways, and load balancers – to maintain persistence without triggering traditional detection. These attacks are low-volume and highly targeted, making them invisible to conventional global datasets. At the same time, the exposure window is widening: research shows the average patch time for edge devices is approximately 32 days, while exploit time is often instant, especially when attacks are increasingly AI-assisted. This means that most critical internet-facing infrastructure sits exposed for months.
To close this gap, the security community needs broader and deeper visibility into edge devices across the internet. Project Swarm opens the GreyNoise deception platform to the global security community, so that third parties – including security researchers, universities, non-profits, NGOs, equipment manufacturers, and Internet Service Providers – can contribute to building the world’s largest and most advanced deception infrastructure.
Project Swarm invites trusted partners to contribute to the GreyNoise platform in three ways:
- Expanding IP Coverage. Partners provide physical connections to the internet to host sensors, expanding geographic and network diversity.
- Expanding Device Coverage. Partners bring specific device profiles (enterprise firewalls, VPN gateways, routers, load balancers) so sensors appear as high-value assets to attackers.
- Increasing Detection Velocity. Partners contribute new rules and tags to identify attacker tactics, techniques and procedures faster.
There is no cost to participate in Project Swarm. Participants will receive full access to the traffic collected by their sensors for their own research, and can also compare their sensor traffic against the GreyNoise global baseline to see what’s uniquely hitting their sensors.
For more information about how to join GreyNoise Project Swarm, please visit https://www.greynoise.io/project-swarm.
About GreyNoise Intelligence
GreyNoise empowers the security teams of enterprises and global governments to act with speed and confidence by providing fresh, verifiable threat intelligence about systems at the network edge. This allows security teams to reduce noise in security operations, perform in-depth investigations and threat hunts, and focus on the most critical threats to their networks. Our Global Observation Grid enables us to observe and analyze threat actor campaigns at global scale and share this intelligence with customers in real-time. For more information, please visit https://www.greynoise.io/, and follow us on Twitter, Mastodon and LinkedIn.
